The trading company Quanda International s.r.o., I.D. No. 02285665, with its registered office at Podvinný Mlýn 2357/44, 190 00 Praha 9, registered in the Commercial Register of the Municipal Court in Prague, Section C, File No. 217649 (hereinafter referred to as the "Provider"), hereby declares that in connection with the provision of the QUANDA service, which consists of a set of online tools and resources for the creation, administering and management of information about people and businesses and the creation, administering, sending and management of online surveys, online analysis and e-mail marketing campaigns (hereinafter the "Service"), it collects data about customers of the Service, which are specified in the Contractual Terms for the Provision of the QUANDA Service ("Terms and Conditions"). In particular, this concerns data provided by customers when registering with the Provider for the Service, or in the course of other communications between the customer and the Provider, such as:
• The names and surnames of customers that are individuals, and the form of business of customers that are legal entities,
• Identification numbers of business entities,
• the name and surname of the person carrying out the registration,
• the position of the registering person
• mobile numbers
• e-mail addresses
The Provider also collects statistical information including details of the customer’s browser type and operating system, the URL from which the customer is redirected to the Provider’s site, the date and time of visits, the duration of use and the frequency of use. These data are not used in conjunction with any particular person; they are only employed for the purpose of anonymous statistical analysis.
The above data may fall within the definition of personal data under the Act on Personal Data Protection No. 101/2000 Coll. (hereinafter the "Act"), as amended. The Provider undertakes this processing for the purpose of properly fulfilling the contract with the customer, as well as to protect the Provider’s Service from violations by the customer (e.g. use of an account by multiple persons), to ensure the security and stability of operating services, to improve the Service being offered, and to ensure the Provider's compliance with legal obligations and its ability to continue making available offers of other services to the customer.
The above-mentioned data that are processed by the Provider could be provided to related parties in accordance with Sec. 66a 9 of Act No. 513/1991 Coll., as amended, if this is required in order to fulfil the contract with the customer.
The customer’s data will be stored on servers located in the Czech Republic, and the Provider undertakes to ensure that the operator of the relevant server provides for maximum possible security for the customer’s data which have been handed over by the Provider in accordance with the law.
The above-mentioned customer data will be available for the term of the customer‘s use of the Service, and for an additional four  years after the end of that Service use (i.e. from the date of the last fee payment for the Service), in order to ensure the Provider’s security and stability and to fulfil the contract with the customer. After that period expires, the data will be disposed of in accordance with applicable regulations.
The Provider also collects and stores data which the customer collects from third parties (particularly about their customers) in the course of using the Service, and the Provider saves these data on its servers. The customer is responsible for obtaining the consent of these third parties to the collection and processing of their personal data, including any processing and storage by the Provider; in this regard, the customer guarantees to the Provider that all personal data collected by the customer and the means of their collection, meet all the requirements stipulated by the Act.
The Provider shall take necessary technical and organisational security steps to prevent unauthorised or accidental access to the customer‘s data as well as their alteration, destruction, loss, unauthorised transfer, unauthorised processing and other misuse.
Consent to Personal Data Processing
By endorsing this declaration, the customer consents to the Provider‘s processing of the customer’s data, as described above, or, as the case may be, the customer’s data obtained from third parties. The provision of such data is voluntary, and the customer may withdraw its consent by serving written notice on the Provider at any time, with the delivery of the notice being governed by these Terms and Conditions. Nevertheless, the Provider is entitled to process the above-stated data from the customer in order to meet the Provider‘s legal obligations as an administrator, to ensure fulfilment of the contract with the customer, to ensure protection of the rights and legally protected interests of the Provider, and for other statutory reasons.